peass-ng / PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
https://book.hacktricks.xyz

SUID with same user as owner might not be correctly labeled RED/YELLOW #46

Closed filkaris closed 4 years ago

filkaris commented 4 years ago

Hello!

I am quite new to pentesting, and I have been using linpeas often to find vectors of privilege escalation.

Here I have a question: I noticed recently that I got a RED/YELLOW on a SUID file I have permission to write.

However, the owner of this file in this specific case is not root, it's just me.

If I'm not mistaken, SUID allows you to perform actions as the file's owner, so in this case, as myself. I don't see how I can use this as a 99% PE Vector, at least with my current skillset/knowledge.

Maybe there should be another check in place that the owner of the file is root? Or ignore it if the user is the file's owner? Or maybe have it RED and not RED/YELLOW? Up to you really :)

Thank you for taking a look at it!

https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/a85dacaa44fc5f56e3024b29e84468c99cb3c604/linPEAS/linpeas.sh#L1830

carlospolop commented 4 years ago

Hi @filkaris,

Thank you very much for noticing that "weird" case. I have uploaded a release solving the problem. This is what I changed to solve this: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/41cb2b2be0292685b260577b633c5b671b55261f/linPEAS/linpeas.sh#L1849-L1850

Thank you.

filkaris commented 4 years ago

You're welcome carlos!

Also, if you want to avoid the extra commands, you can check if the current user is the effective owner with the -O flag:

```sh
if [ -O "$s" ]; then
```

carlospolop commented 4 years ago

Wow, I should have looked for that before applying the patch. Thanks mate, I've corrected linpeas.
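
The ownership distinction discussed in this thread, as an added example (not linpeas code and not written by either commenter): a set-uid file owned by the effective user only grants the identity that user already has, so it is labelled separately from one that is writable but owned by another account. The function name `suid_label`, the label strings and the scratch files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: label a set-uid file by who owns it.
# suid_label is a hypothetical helper name, not a linpeas function.

suid_label() {
    f=$1
    # -f / -u: only regular files with the set-user-ID bit are of interest
    if [ ! -f "$f" ] || [ ! -u "$f" ]; then
        echo "not-suid"
    # -O: owned by the effective UID of this process, so executing it
    # switches to the identity we already have
    elif [ -O "$f" ]; then
        echo "self-owned"
    # -w: writable by us while owned by another account; this is the case
    # that deserves the highest-priority highlight in an audit
    elif [ -w "$f" ]; then
        echo "writable-other-owner"
    else
        echo "suid"
    fi
}

# Constructed sample: two scratch files owned by the current user.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/plain"
    : > "$d/own_suid"
    chmod 0755 "$d/plain"
    chmod 4755 "$d/own_suid"
    for p in "$d/plain" "$d/own_suid"; do
        printf '%s\t%s\n' "$(suid_label "$p")" "${p##*/}"
    done
    rm -rf "$d"
}

demo
```

When run as root, `-w` succeeds on almost every file, so the `writable-other-owner` label is only meaningful for an unprivileged account.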